Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / pypa/pip-audit issues and pull requests
#689 - build(deps-dev): update cyclonedx-python-lib requirement from ~=4.0 to >=4,<6
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
- 1 comment
Labels: dependencies, python
#688 - build(deps-dev): update ruff requirement from <0.1.2 to <0.1.3
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, python
#687 - build(deps-dev): update ruff requirement from <0.1.1 to <0.1.2
Pull Request -
State: closed - Opened by dependabot[bot] 8 months ago
Labels: dependencies, python
#686 - build(deps-dev): update ruff requirement from <0.0.293 to <0.1.1
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, python
#685 - build(deps): bump actions/checkout from 4.1.0 to 4.1.1
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions
#684 - Override URL for pypi service
Issue -
State: closed - Opened by MichelEdkrantz 9 months ago
- 5 comments
Labels: enhancement
#683 - build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions
#682 - build(deps-dev): update ruff requirement from <0.0.292 to <0.0.293
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, python
#681 - build(deps): bump sigstore/gh-action-sigstore-python from 2.0.1 to 2.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, github_actions
#680 - [DRAFT] Add expiry date with two arguments
Pull Request -
State: open - Opened by KeithWM 9 months ago
#679 - [DRAFT] Add expiry date
Pull Request -
State: open - Opened by KeithWM 9 months ago
#678 - build(deps-dev): update ruff requirement from <0.0.291 to <0.0.292
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
Labels: dependencies, python
#677 - build(deps): bump actions/checkout from 4.0.0 to 4.1.0
Pull Request -
State: closed - Opened by dependabot[bot] 9 months ago
- 1 comment
Labels: dependencies, github_actions
#676 - Temporary ignoring of vulnerabilities
Issue -
State: open - Opened by KeithWM 9 months ago
- 8 comments
Labels: enhancement
#675 - build(deps-dev): update ruff requirement from <0.0.290 to <0.0.291
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#674 - build(deps-dev): update ruff requirement from <0.0.289 to <0.0.290
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#673 - build(deps-dev): update ruff requirement from <0.0.288 to <0.0.289
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#672 - add note on ignoring unfixed vulnerabilities
Pull Request -
State: closed - Opened by MFTabriz 10 months ago
#671 - build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions
#670 - CLI: add a flag to exit with non-zero code only for fixable vulnerabilities
Issue -
State: closed - Opened by MFTabriz 10 months ago
- 10 comments
Labels: enhancement
#669 - build(deps-dev): update ruff requirement from <0.0.287 to <0.0.288
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#668 - build(deps): bump actions/checkout from 3.6.0 to 4.0.0
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, github_actions
#667 - Move to PyPA org on PyPI?
Issue -
State: closed - Opened by webknjaz 10 months ago
- 1 comment
Labels: enhancement
#666 - build(deps-dev): update ruff requirement from <0.0.286 to <0.0.287
Pull Request -
State: closed - Opened by dependabot[bot] 10 months ago
Labels: dependencies, python
#664 - Despite --skip-editable, --strict still fails due to editable packages
Issue -
State: closed - Opened by marcinbarczynski 10 months ago
- 8 comments
Labels: question, component:cli, component:dep-sources, bug-candidate
#663 - build(deps-dev): update ruff requirement from <0.0.285 to <0.0.286
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python
#662 - Duplicates are not supported in requirements.txt when run with --disable-pip
Issue -
State: open - Opened by npalmius 11 months ago
- 2 comments
Labels: component:dep-sources, bug-candidate
#661 - build(deps): bump sigstore/gh-action-sigstore-python from 2.0.0 to 2.0.1
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions
#660 - build(deps-dev): update ruff requirement from <0.0.284 to <0.0.285
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python
#659 - build(deps): bump actions/deploy-pages from 2.0.3 to 2.0.4
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
- 1 comment
Labels: dependencies, github_actions
#658 - build(deps-dev): update ruff requirement from <0.0.283 to <0.0.284
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python
#657 - build(deps): bump sigstore/gh-action-sigstore-python from 1.2.3 to 2.0.0
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions
#656 - build(deps-dev): update ruff requirement from <0.0.281 to <0.0.283
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python
#655 - support poetry lock file source
Issue -
State: closed - Opened by kapilt 11 months ago
- 2 comments
Labels: enhancement
#654 - Get vulnerability score/severity with pip-audit
Issue -
State: open - Opened by matteoannotell 11 months ago
- 5 comments
Labels: enhancement, upstream
#653 - mvp for getting scores and severity of vulnerabilities
Pull Request -
State: closed - Opened by matteoannotell 11 months ago
- 1 comment
#652 - treewide: prep 2.6.1
Pull Request -
State: closed - Opened by woodruffw 11 months ago
Labels: chore
#651 - build(deps-dev): update ruff requirement from <0.0.279 to <0.0.281
Pull Request -
State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, python
#650 - build(deps-dev): update ruff requirement from <0.0.278 to <0.0.279
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python
#649 - build(deps): bump actions/deploy-pages from 2.0.2 to 2.0.3
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions
#648 - build(deps): bump actions/upload-pages-artifact from 1.0.9 to 2.0.0
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
- 1 comment
Labels: dependencies, github_actions
#647 - Fix tempfiles on windows, fixes #646
Pull Request -
State: closed - Opened by marickmanrho 12 months ago
- 2 comments
#646 - Tempfiles are not working on Windows
Issue -
State: closed - Opened by marickmanrho 12 months ago
- 3 comments
Labels: bug-candidate, plat:windows
#645 - Fresh installed pip-audit via conda-forge failed to install packages (internal pip failure)
Issue -
State: closed - Opened by ovalerio 12 months ago
- 4 comments
Labels: upstream
#644 - support for config from toml file
Issue -
State: closed - Opened by prathapbelli 12 months ago
- 1 comment
Labels: enhancement
#643 - build(deps-dev): update ruff requirement from <0.0.277 to <0.0.278
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python
#642 - build(deps-dev): update ruff requirement from <0.0.276 to <0.0.277
Pull Request -
State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, python
#641 - Prep 2.6.0
Pull Request -
State: closed - Opened by woodruffw 12 months ago
Labels: chore
#640 - CHANGELOG: fix link
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: chore
#639 - build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#638 - build(deps-dev): update ruff requirement from <0.0.275 to <0.0.276
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#637 - build(deps-dev): update ruff requirement from <0.0.273 to <0.0.275
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#636 - build(deps): bump actions/upload-pages-artifact from 1.0.8 to 1.0.9
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#635 - build(deps): bump actions/checkout from 3.0.0 to 3.5.3
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#634 - build(deps): bump actions/deploy-pages from 2.0.1 to 2.0.2
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#633 - Fix adds a fixed dependency in files where there is no original one
Issue -
State: open - Opened by q0w about 1 year ago
- 2 comments
Labels: bug, component:dep-sources
#632 - build(deps): bump github/codeql-action from 2.3.6 to 2.13.4
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#631 - build(deps-dev): update ruff requirement from <0.0.272 to <0.0.273
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#630 - build(deps-dev): update ruff requirement from <0.0.271 to <0.0.272
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#629 - build(deps): bump github/codeql-action from 2.3.5 to 2.3.6
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 3 comments
Labels: dependencies, github_actions
#628 - pyproject: bump CacheControl
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: dependencies, chore
#627 - simplified the usage of CycloneDx
Pull Request -
State: closed - Opened by ThunderKey about 1 year ago
Labels: component:output-formats
#626 - Reintroduce dependency optimization
Pull Request -
State: closed - Opened by trottomv about 1 year ago
- 9 comments
Labels: component:dep-sources
#625 - updated cyclonedx dependency
Pull Request -
State: closed - Opened by ThunderKey about 1 year ago
- 2 comments
Labels: component:output-formats, dependencies
#624 - build(deps): bump github/codeql-action from 2.3.4 to 2.3.5
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#623 - build(deps-dev): update ruff requirement from <0.0.270 to <0.0.271
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#622 - build(deps): bump github/codeql-action from 2.3.3 to 2.3.4
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#621 - Do a better job of signaling when audited dependencies come from `pip-audit` itself
Issue -
State: open - Opened by woodruffw about 1 year ago
- 7 comments
Labels: component:dep-sources, discussion
#620 - build(deps-dev): update urllib3 requirement from <2.0,>=1.26 to >=1.26,<3.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#619 - build(deps-dev): update urllib3 requirement from ~=1.26 to >=1.26,<2.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#618 - treewide: 2.5.6
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: chore
#617 - pyproject: constrain urllib3
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
- 2 comments
Labels: dependencies
#616 - pip-audit imports a vulnerable version of the requests package
Issue -
State: closed - Opened by behnazh-w about 1 year ago
- 12 comments
Labels: dependencies, bug-candidate
#615 - build(deps-dev): update requests requirement from <2.30 to <2.32
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#614 - build(deps-dev): update ruff requirement from <0.0.268 to <0.0.270
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#613 - `pip-audit` raises `TypeError: HTTPResponse`
Issue -
State: closed - Opened by Tomperez98 about 1 year ago
- 1 comment
Labels: duplicate
#612 - build(deps-dev): update ruff requirement from <0.0.266 to <0.0.268
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#611 - build(deps-dev): update ruff requirement from <0.0.265 to <0.0.266
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#610 - Reintroduce the preresolved dependency optimization
Issue -
State: closed - Opened by woodruffw about 1 year ago
- 10 comments
Labels: component:dep-sources, performance
#609 - build(deps): bump github/codeql-action from 2.3.2 to 2.3.3
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#608 - build(deps-dev): update requests requirement from <2.30 to <2.31
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 4 comments
Labels: dependencies, python
#607 - CHANGELOG: fix entries
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: chore
#606 - chore: prep 2.5.5
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: chore
#605 - pyproject: add, pin requests
Pull Request -
State: closed - Opened by woodruffw about 1 year ago
Labels: bug, dependencies
#604 - build(deps-dev): update ruff requirement from <0.0.264 to <0.0.265
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#603 - build(deps): bump github/codeql-action from 2.3.1 to 2.3.2
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#602 - build(deps): bump github/codeql-action from 2.3.0 to 2.3.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#601 - Cannot include git repo as a dependency
Issue -
State: closed - Opened by seankfh about 1 year ago
- 3 comments
Labels: duplicate
#600 - build(deps-dev): update ruff requirement from <0.0.263 to <0.0.264
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#599 - Failure to find dependency that was installed from extra index url
Issue -
State: open - Opened by cornelius-braun about 1 year ago
- 8 comments
Labels: bug, component:dep-sources
#598 - build(deps): bump github/codeql-action from 2.2.12 to 2.3.0
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#597 - build(deps-dev): update ruff requirement from <0.0.262 to <0.0.263
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, python
#596 - OS matrix in CI
Pull Request -
State: open - Opened by jleightcap about 1 year ago
#595 - build(deps): bump actions/deploy-pages from 2.0.0 to 2.0.1
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#594 - build(deps): bump github/codeql-action from 2.2.11 to 2.2.12
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#593 - How to deal with vulnerabilities that won't be resolved anytime soon?
Issue -
State: closed - Opened by sebastian-philipp about 1 year ago
- 1 comment
Labels: enhancement
#592 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.11
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions
#591 - build(deps-dev): update ruff requirement from <0.0.261 to <0.0.262
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, python
#590 - build(deps): bump github/codeql-action from 2.2.9 to 2.2.10
Pull Request -
State: closed - Opened by dependabot[bot] about 1 year ago
- 1 comment
Labels: dependencies, github_actions
#589 - Support upgrading hashes with `--fix`
Issue -
State: open - Opened by q0w about 1 year ago
- 5 comments
Labels: bug